SNS F572 Advanced Network Forensics - GIAC Network Forensic Analyst GNFA
 
Course Description
This course develops advanced network forensics capabilities to identify intrusions and trace adversary activity through detailed packet capture and log analysis. Learners gain deep visibility into network communications, enabling rapid reconstruction of attack paths and accurate identification of malicious behavior across enterprise environments.
 
What You Will Learn
Perform deep packet inspection and protocol level traffic analysis
Analyze flow records using NetFlow Zeek and packet capture data
Correlate network evidence with endpoint and cloud artifacts
Extract malicious payloads and identify attacker infrastructure
Automate network forensic analysis and timeline reconstruction
Support investigations with defensible network based evidence
 
Who This Course Is For
This course is designed for network forensic analysts incident responders threat hunters SOC analysts security engineers and practitioners responsible for investigating network based attacks and supporting enterprise incident response.
 
Hands On Training Experience
Learners analyze realistic attack traffic using Zeek Wireshark and custom analysis tools. Exercises include examining packet captures extracting malware correlating events and building comprehensive incident timelines that mirror real world investigations.
 
Course Outcomes
Increase visibility into adversary network communications and tactics
Reconstruct attack timelines quickly to reduce incident impact
Strengthen SOC and threat hunting operations with network analytics
Produce high quality forensic evidence to support security legal and regulatory needs